Blog Posts Tagged with "Innovation"

65c1700fde3e9a94cc060a7e3777287c

Preventative -v- Detective Security

December 02, 2012 Added by:Simon Moffatt

Security has several issues from a proactive implementation perspective. Like anything, a detailed return on investment, including both tangible and non-tangible benefits, is required...

Comments  (0)

59d9b46aa00c70238bb89056cfeb96c0

Compliance and Company Values from the Ground Up

September 17, 2012 Added by:Thomas Fox

For the compliance practitioner sometimes the biggest challenge is not only to get senior management but the troops in the trenches to embrace compliance. Cathy Choi's story is a powerful lesson of one way to get those troops to buy into what the compliance department is selling...

Comments  (0)

C67c179cd59e50f867e06086f5b2d21f

How the Cloud Disrupted the Corporate Ecosystem

August 29, 2012 Added by:Barrie Hadfield

As the cloud wields increasing influence on corporate environments, the traditional ecosystem becomes more antiquated. There’s some paradox in how the cloud is enabling productivity and collaboration while simultaneously eroding security protocols designed to protect intellectual property and corporate assets...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

Crisis Malware Threatens Virtualized Environments

August 24, 2012 Added by:Pierluigi Paganini

Crisis Malware is an agent used to spy on victims by intercepting communications, and it is able to open a backdoor on the infected host once the user executes a JAR file made to look like an Adobe Flash Installer. The malware has been developed for several OSs, and a Mac version has been isolated...

Comments  (0)

59da131e1207b6fadf8fec3862d85ad1

Black Hat and BSides Las Vegas: The Enemy Within

July 30, 2012 Added by:alan shimel

There was a time that Black Hat was where the edge met the establishment, but Black Hat has gone totally corporate and seems to have lost the edge. All of the edge seems to have gone to BSides. I love both Black Hat and BSides and think each needs a little bit of what the other has to be whole, viable and successful...

Comments  (0)

1b061b1cec6b5898e5326992d9461610

On Infosec Thought Followers

July 20, 2012 Added by:Dave Shackleford

The CISO who backs her team politically and fights for key projects, the analyst who writes a sweet Python script to automate some rote pen testing task, the incident handler or forensicator who digs for hours to find the root cause of an event, and so on. That’s leadership, and it happens all the time...

Comments  (2)

0ff0a77035f9569943049ed3e980bb0d

Security Vendors: Absit Reverentia Vero

July 09, 2012 Added by:

Vendors are driven to sell and sell at all costs. Product features stagnate, services under perform. We the customers suffer and the security postures of all organizations plummets. Adversaries can spend less on penetration innovation while at the same time more easily bypass our defenses...

Comments  (0)

7ddc1f3000a13e4dfec28074e9e7b658

Internet Users Again Shut Out of Secret TPP Negotiations

July 05, 2012 Added by:Electronic Frontier Foundation

We don’t know what’s in the current version of the TPP’s IP chapter - the public has only seen a leaked version. Given what we've seen in this leak, we have every right to be furious that representatives are negotiating an agreement that will harm online expression, privacy, and innovation on the Internet...

Comments  (0)

7ddc1f3000a13e4dfec28074e9e7b658

Hacking Strikes Fear in the Heart of Texas Bureau of Prisons

June 24, 2012 Added by:Electronic Frontier Foundation

Whether you call them hackers, makers, tinkerers, or information security researchers, people on the hacking spectrum have been a boon to society for decades. They power innovation in all sectors and operate as a valuable check on the security and stability of the technology that forms the basis for our society...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

NIST Conducts Big Data Workshop

June 14, 2012 Added by:Infosec Island Admin

In this first NIST 'Big Data' workshop, key national priority topics will be explored, including examples from science, health, disaster management, security, and finance. At the same time, topics in emerging technology areas including analytics and architectures will also be discussed...

Comments  (0)

7ddc1f3000a13e4dfec28074e9e7b658

Apple's Crystal Prison and the Future of Open Platforms

June 06, 2012 Added by:Electronic Frontier Foundation

Apps that require administrative privileges are impossible to install on an iOS device without jailbreaking it. This includes apps that let you firewall your device and secure your internet traffic with OpenVPN. Jailbreaking also helps security and privacy researchers to see if apps are leaking data...

Comments  (3)

1b061b1cec6b5898e5326992d9461610

Infosec Subjectivity: No Black and White

June 04, 2012 Added by:Dave Shackleford

Overall, here’s the rub: There are almost no security absolutes. Aside from some obvious things like bad coding techniques, the use of WEP, hiring Ligatt Security to protect you, etc... Everything else is in information security the gray area...

Comments  (1)

0a8cae998f9c51e3b3c0ccbaddf521aa

Resilience is the New Secure: Evolution of Business-Relevant Thinking

May 30, 2012 Added by:Rafal Los

Resiliency speaks to core business needs much better than security ever could. Resiliency speaks to availability, incident response, business continuity and disaster recovery and security all rolled into one. Resiliency is a measure of preparedness against failure - a component of which is security...

Comments  (2)

0a8cae998f9c51e3b3c0ccbaddf521aa

The Patchwork Cloud: Making the Security Case

May 05, 2012 Added by:Rafal Los

When we think about cloud computing we can think of security as getting a bit of a gentle push, or shove in some cases. The way it is built and billed as services instead of individual components, and the increased emphasis on automation - security has a real chance of not being a roadblock...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

On the Sustainability of Information Security

April 25, 2012 Added by:Rafal Los

The only way that information security can be a group of outliers is if we're considering ourselves within the entirety of the IT realm. While this would be great for my ego to think that myself and all my peers are just smarter than everyone else in IT, I know this to be false...

Comments  (0)

Bddcc5065237c686cb4d89dba8b276f2

From Obstacle to Ally - Repositioning the Security Team

March 30, 2012 Added by:Steven Fox, CISSP, QSA

Rarely are non-security staff engaged in risk control discussions – a lack of interaction that disenfranchises those who will interact with the controls. This engenders a sense of powerlessness that leads to passive sabotage of initiatives intended to further the business...

Comments  (0)

Page « < 1 - 2 - 3 > »